Strategy to Verify Python Program is POST'ing to a web server.
Paul Rubin
no.email at nospam.invalid
Sat Jun 18 17:03:19 EDT 2011
"mzagursk at gmail.com" <mzagursk at gmail.com> writes:
> For example, if I create a website that tracks some sort of
> statistical information and don't ensure that my program is the one
> that is uploading it, the statistics can be thrown off by people
> entering false POST data onto the data upload page. Any remedy?
If you're concerned about unauthorized users posting random crap, the
obvious solution is configure your web server to put password protection
on the page.
If you're saying AUTHORIZED users (those allowed to use the program to
post stuff) aren't trusted to not bypass the program, you've basically
got a DRM problem, especially if you think the users might
reverse-engineer the program to figure out the protocol. The most
effective approaches generally involve delivering the program in the
form of a hardware product that's difficult to tamper with. That's what
cable TV boxes amount to, for example.
What is the application, if you can say? That might help get better
answers.
More information about the Python-list
mailing list